We compared Qualys VMDR and Tenable Nessus based on our users reviews in six parameters. After reading the collected data, you can find our conclusion below:
The setup process for Qualys VMDR is quick and uncomplicated, taking only a few minutes. However, setting up Qualys Container Security can be intricate and time-consuming. In contrast, Tenable Nessus is described as straightforward and effortless to set up, taking anywhere from 30 minutes to a couple of hours.
Qualys VMDR is notable for its effective prioritization system, ongoing monitoring, customizable dashboard, and extensive vulnerability overview. On the other hand, Tenable Nessus excels in vulnerability assessment, reporting, and ease of use.
Both Qualys VMDR and Tenable Nessus have areas that could be improved. Qualys VMDR could enhance user experience, UI design, SLA tracking, batch prioritization, integration, reporting, and dashboards. On the other hand, Tenable Nessus could improve integration, pricing, user interface, reporting, support, and learning resources.
Both Qualys VMDR and Tenable Nessus provide valuable returns on investment. Qualys VMDR prioritizes the reduction of cybersecurity risks, while Tenable Nessus places emphasis on proactive vulnerability discovery and patch deployment.
The customer service for Qualys VMDR has received both positive and negative feedback. Some customers appreciate the convenience of reaching out to a global team and the implementation of suggested improvements. However, there are concerns about the response time and the expertise of the support staff. Tenable Nessus also has a mix of reviews. Some customers find the support to be prompt and useful, while others believe that the support team could be more knowledgeable and that the solutions provided are not always effective.
Comparison Results
Based on the reviews, Qualys VMDR and Tenable Nessus have similar initial setup processes that are straightforward and easy. However, Qualys VMDR stands out for its user-friendly setup and maintenance, including automatic agent updates. On the other hand, Tenable Nessus is highly effective in vulnerability assessment and reporting, and is also praised for its affordability and scalability. Qualys VMDR is valued for its prioritization mechanism and comprehensive overview of vulnerabilities, while Tenable Nessus is commended for its real-time monitoring and self-updating engine. Customer service and support for both products have received mixed reviews, with some users finding the support teams responsive and helpful, while others had negative experiences or did not require support.
"Qualys has a continuous endpoint monitoring feature for agent-based scanning. Once you deploy the solution, it monitors everything that is happening every 30 minutes. Then, if there are any vulnerabilities, they are reported."
"There are many features. Its reliability, ease of installation, ease of use, and the richness of the information provided are the most valuable features."
"The reporting functionality is great."
"The biggest benefit is from a security operations perspective, where we are able to drive our security posture upwards by remediating any discovered vulnerabilities."
"Technical support is fantastic."
"Vulnerability management is the most valuable one and it’s a must in every organization."
"The Vulnerability Management and Patch Management features are the most valuable features of this solution."
"The most valuable feature is automation."
"The results are not that bad, but the key selling point is that it is an affordable tool set."
"The most valuable feature is how it scanned and detected through its database to let us know exactly what fixes we needed to put in place for the vulnerabilities. It detects and it also gives you the way to fix it."
"The plug-in text information is quite useful."
"The solution is very stable."
"Security is the key number because it can start to scan with a few clicks instead of credits, which is a bit complicated. So simplicity is the first advantage. Then the generated reports are well done and easy to present to management. The quality of the scan is quite good in detecting the severity. The solution has simplicity. Also, it has frequent updates so that is also a valuable feature."
"A valuable feature of the solution is that it is easy to understand."
"It allows me to prioritize efforts and utilize effective technical resources."
"The most valuable features are that it's fast, it's easy to use and it provides good reports."
"I do not like that all of the data is stored on the cloud."
"What we have found is that the solution is not closely tied with the patch management. It is okay with newer ones, like Windows 10 machines; it gives the correct patch. But for Windows 7 or Windows Server 2008, it does not give us the correct patch so we have to manually identify the patches. This is a major problem."
"It's too early for me to say if there is any room for improvement since we're in the first couple of months of using this solution."
"The reporting and dashboards could improve in Qualys VM. However, they have improved since the previous versions."
"I would like to see more accuracy in detections, better reporting capabilities, and better dashboard download capabilities."
"The ability to manage user accounts and give rights to the operator to know about abnormalities of applications is something that needs improvement."
"Improve the API speed."
"The price could be better. Asset view is still a legacy feature. I'm not able to extract the information about the asset with complete details. It would be better if they fixed that in the next release. I know Qualys is already working on it, so I'm hopeful it will be available in the next five or six months. That would be something that's changed where I seek improvement."
"The tool needs to upgrade asset tracking."
"Tenable Nessus is not feasible for a large company."
"It would be better if they had application-level support for mobile devices. They don't have anything to scan mobile devices. Tenable Nessus doesn't have a mobile application vulnerability assessment. I also have issues with the false positive rates. The product has limited features."
"They have added a new Tenable Nessus Expert. That is their new product, which caters to the cloud and everything else. I am assuming that the new features and product enhancements are based on that tool set, but we haven't reviewed it yet."
"The accuracy of the vulnerability assessment is not up to par yet, as false alarms and false positives occur often."
"Tenable Nessus could improve reporting and information sharing. It would be helpful if we could share the reports and have a little bit better flexibility in the reporting of the data."
"Lacks some penetration testing-related services."
"They could make their reporting a little better."
Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. Qualys VMDR is rated 8.2, while Tenable Nessus is rated 8.4. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". Qualys VMDR is most compared with Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management, Tenable Vulnerability Management and Tanium, whereas Tenable Nessus is most compared with Rapid7 InsightVM, Tenable Vulnerability Management, Tenable Security Center, Pentera and Microsoft Defender Vulnerability Management. See our Qualys VMDR vs. Tenable Nessus report.
We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.